Certbot -auto renew error


#1

My domain is: vtc010.com

I ran this command:certbot -auto renew

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/vtc010.com.conf

Cert is due for renewal, auto-renewing…
Could not choose appropriate plugin: The requested uto plugin does not appear to be installed
Attempting to renew cert (vtc010.com) from /etc/letsencrypt/renewal/vtc010.com.conf produced an unexpected error: The requested uto plugin does not appear to be installed. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/vtc010.com/fullchain.pem (failure)


All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/vtc010.com/fullchain.pem (failure)

1 renew failure(s), 0 parse failure(s)


#2

Hi @tport

install this missing uto plugin.


#3

but i don’t know about this uto plugin


#4

What’s the content of this file?

And what says


#5

vtc010.com.conf

renew_before_expiry = 30 days

version = 0.24.0
archive_dir = /etc/letsencrypt/archive/vtc010.com
cert = /etc/letsencrypt/live/vtc010.com/cert.pem
privkey = /etc/letsencrypt/live/vtc010.com/privkey.pem
chain = /etc/letsencrypt/live/vtc010.com/chain.pem
fullchain = /etc/letsencrypt/live/vtc010.com/fullchain.pem

Options used in the renewal process

[renewalparams]
account = f47be8359e6aa3341f78f8e0840d9321
manual_public_ip_logging_ok = True
server = https://acme-v02.api.letsencrypt.org/directory
authenticator = manual
installer = None
pref_challs = dns-01,

log:
2018-10-06 22:56:51,693:DEBUG:certbot.main:certbot version: 0.24.0
2018-10-06 22:56:51,693:DEBUG:certbot.main:Arguments: []
2018-10-06 22:56:51,693:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2018-10-06 22:56:51,715:DEBUG:certbot.log:Root logging level set at 20
2018-10-06 22:56:51,715:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2018-10-06 22:56:51,733:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x1848750> and installer <certbot.cli._Default object at 0x1848750>
2018-10-06 22:56:51,748:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2018-10-08 15:03:29 UTC.
2018-10-06 22:56:51,748:INFO:certbot.renewal:Cert is due for renewal, auto-renewing…
2018-10-06 22:56:51,752:DEBUG:certbot.plugins.selection:Requested authenticator manual and installer None
2018-10-06 22:56:51,754:DEBUG:certbot.plugins.disco:Other error:(PluginEntryPoint#manual): An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.
Traceback (most recent call last):
File “/usr/lib/python2.7/site-packages/certbot/plugins/disco.py”, line 126, in prepare
self._initialized.prepare()
File “/usr/lib/python2.7/site-packages/certbot/plugins/manual.py”, line 118, in prepare
self.option_name(‘auth-hook’)))
PluginError: An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.
PluginError: An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.
2018-10-06 22:56:51,754:DEBUG:certbot.plugins.selection:No candidate plugin
2018-10-06 22:56:51,754:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None
2018-10-06 22:56:51,755:INFO:certbot.main:Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.’,)
2018-10-06 22:56:51,755:WARNING:certbot.renewal:Attempting to renew cert (vtc010.com) from /etc/letsencrypt/renewal/vtc010.com.conf produced an unexpected error: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.’,). Skipping.
2018-10-06 22:56:51,756:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File “/usr/lib/python2.7/site-packages/certbot/renewal.py”, line 422, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1144, in renew_cert
installer, auth = plug_sel.choose_configurator_plugins(config, plugins, “certonly”)
File “/usr/lib/python2.7/site-packages/certbot/plugins/selection.py”, line 207, in choose_configurator_plugins
diagnose_configurator_problem(“authenticator”, req_auth, plugins)
File “/usr/lib/python2.7/site-packages/certbot/plugins/selection.py”, line 303, in diagnose_configurator_problem
raise errors.PluginSelectionError(msg)
PluginSelectionError: The manual plugin is not working; there may be problems with your existing configuration.
The error was: PluginError(‘An authentication script must be provided with --manual-auth-hook when using the manual plugin non-interactively.’,)

2018-10-06 22:56:51,756:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2018-10-06 22:56:51,756:ERROR:certbot.renewal: /etc/letsencrypt/live/vtc010.com/fullchain.pem (failure)
2018-10-06 22:56:51,756:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 9, in
load_entry_point(‘certbot==0.24.0’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1315, in main
return config.func(config, plugins)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 1228, in renew
renewal.handle_renewal_request(config)
File “/usr/lib/python2.7/site-packages/certbot/renewal.py”, line 443, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 1 renew failure(s), 0 parse failure(s)


#6

If you are using the manual authenticator, you can’t use the non-interactive

So use

certbot -d [your domains] --manual --preferred-challenges dns-01

PS: Perhaps update your certbot, 0.24.0 is old.


#7

Thank you ,I use command :slight_smile: certbot certonly --server https://acme-v02.api.letsencrypt.org/directory -d “*.vtc010.com” --manual --preferred-challenges dns-01
i find cert reapply is ok

So thank for your time and wish you good day


#8

Yep, now it works.

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:*.vtc010.com&lu=cert_search

If you want to have a wildcard certificate, you don’t need --preferred-challenges dns-01. Because wildcard certificates require dns-validation, so this is not optional. And wildcard certificates are only possible using the v02-version, so you can skip the server argument.

certbot certonly -d “*.vtc010.com” --manual

should do the same.


#9

Euh, the only problem of the topcistarter was a space between certbot and -auto. Apparently, the topicstarter also had the non-auto version of certbot installed and because of the space, it tried to search for the authenticator (because of the -a option) uto. As in, auto without the a because it was used as an option element.


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.